Month End Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

HP HPE6-A78 Dumps

Page: 1 / 17
Total 167 questions

Aruba Certified Network Security Associate Exam Questions and Answers

Question 1

A company has Aruba Mobility Controllers (MCs), Aruba campus APs, and ArubaOS-CX switches. The company plans to use ClearPass Policy Manager (CPPM) to classify endpoints by type. The company is contemplating the use of ClearPass’s TCP fingerprinting capabilities.

What is a consideration for using those capabilities?

Options:

A.

ClearPass admins will need to provide the credentials of an API admin account to configure on Aruba devices.

B.

You will need to mirror traffic to one of CPPM's span ports from a device such as a core routing switch.

C.

ArubaOS-CX switches do not offer the support necessary for CPPM to use TCP fingerprinting on wired endpoints.

D.

TCP fingerprinting of wireless endpoints requires a third-party Mobility Device Management (MDM) solution.

Question 2

How does the AOS firewall determine which rules to apply to a specific client's traffic?

Options:

A.

The firewall applies the rules in policies associated with the client's user role.

B.

The firewall applies every rule that includes the client's IP address as the source.

C.

The firewall applies the rules in policies associated with the client's WLAN.

D.

The firewall applies every rule that includes the client's IP address as the source or destination.

Question 3

What is a consideration for implementing wireless containment in response to unauthorized devices discovered by ArubaOS Wireless Intrusion Detection (WIP)?

Options:

A.

It is best practice to implement automatic containment of unauthorized devices to eliminate the need to locate and remove them.

B.

Wireless containment only works against unauthorized wireless devices that connect to your corporate LAN, so it does not offer protection against Interfering APs.

C.

Your company should consider legal implications before you enable automatic containment or implement manual containment.

D.

Because wireless containment has a lower risk of targeting legitimate neighbors than wired containment, it is recommended in most use cases.

Question 4

What is a benefit of Protected Management Frames (PMF). sometimes called Management Frame Protection (MFP)?

Options:

A.

PMF helps to protect APs and MCs from unauthorized management access by hackers.

B.

PMF ensures trial traffic between APs and Mobility Controllers (MCs) is encrypted.

C.

PMF prevents hackers from capturing the traffic between APs and Mobility Controllers.

D.

PMF protects clients from DoS attacks based on forged de-authentication frames

Question 5

You are checking the Security Dashboard in the Web UI for your AOS solution and see that Wireless Intrusion Prevention (WIP) has discovered a rogue radio operating in ad hoc mode with open security. What correctly describes a threat that the radio could pose?

Options:

A.

It could be attempting to conceal itself from detection by changing its BSSID and SSID frequently.

B.

It could open a backdoor into the corporate LAN for unauthorized users.

C.

It is running in a non-standard 802.11 mode and could effectively jam the wireless signal.

D.

It is flooding the air with many wireless frames in a likely attempt at a DoS attack.

Question 6

You have detected a Rogue AP using the Security Dashboard Which two actions should you take in responding to this event? (Select two)

Options:

A.

There is no need to locale the AP If you manually contain It.

B.

This is a serious security event, so you should always contain the AP immediately regardless of your company's specific policies.

C.

You should receive permission before containing an AP. as this action could have legal Implications.

D.

For forensic purposes, you should copy out logs with relevant information, such as the time mat the AP was detected and the AP's MAC address.

E.

There is no need to locate the AP If the Aruba solution is properly configured to automatically contain it.

Question 7

What are some functions of an AruDaOS user role?

Options:

A.

The role determines which authentication methods the user must pass to gain network access

B.

The role determines which firewall policies and bandwidth contract apply to the clients traffic

C.

The role determines which wireless networks (SSiDs) a user is permitted to access

D.

The role determines which control plane ACL rules apply to the client's traffic

Question 8

What is a use case for tunneling traffic between an Aruba switch and an AruDa Mobility Controller (MC)?

Options:

A.

applying firewall policies and deep packet inspection to wired clients

B.

enhancing the security of communications from the access layer to the core with data encryption

C.

securing the network infrastructure control plane by creating a virtual out-of-band-management network

D.

simplifying network infrastructure management by using the MC to push configurations to the switches

Question 9

What is a reason to set up a packet capture on an Aruba Mobility Controller (MC)?

Options:

A.

The company wants to use ClearPass Policy Manager (CPPM) to profile devices and needs to receive HTTP User-Agent strings from the MC.

B.

The security team believes that a wireless endpoint connected to the MC is launching an attack and wants to examine the traffic more closely.

C.

You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control the traffic I based on application.

D.

You want the MC to analyze wireless clients' traffic at a lower level, so that the ArubaOS firewall can control Web traffic based on the destination URL.

Question 10

What is symmetric encryption?

Options:

A.

It simultaneously creates ciphertext and a same-size MAC.

B.

It any form of encryption mat ensures that thee ciphertext Is the same length as the plaintext.

C.

It uses the same key to encrypt plaintext as to decrypt ciphertext.

D.

It uses a Key that is double the size of the message which it encrypts.

Question 11

Which is a use case for enabling Control Plane Policing on Aruba switches?

Options:

A.

to prevent unauthorized network devices from sending routing updates

B.

to prevent the switch from accepting routing updates from unauthorized users

C.

to encrypt traffic between tunneled node switches and Mobility Controllers (MCs)

D.

to mitigate Denial of Service (Dos) attacks on the switch

Question 12

Two wireless clients, client 1 and client 2, are connected to an ArubaOS Mobility Controller. Subnet 10.1.10.10/24 is a network of servers on the other side of the ArubaOS firewall. The exhibit shows all three firewall rules that apply to these clients.

Which traffic is permitted?

Options:

A.

an HTTPS request from client 1 to 10.1.10.10 and an HTTPS response from 10.1.10.10 to client 1

B.

an HTTPS request from client 1 to 10.1.10.10 and an HTTPS request from 10.1.10.11 to client 1

C.

an HTTPS request from 10.1.10.10 to client 1 and an HTTPS re-sponse from client 1 to 10.1.10.10

D.

an HTTPS request from client 1 to client 2 and an HTTPS request from client 2 to client 1

Question 13

An organization has HPE Aruba Networking infrastructure, including AOS-CX switches and an AOS-8 mobility infrastructure with Mobility Controllers (MCs) and APs. Clients receive certificates from ClearPass Onboard. The infrastructure devices authenticate clients to ClearPass Policy Manager (CPPM). The company wants to start profiling clients to take their device type into account in their access rights.

What is a role that CPPM should play in this plan?

Options:

A.

Assigning clients to their device categories

B.

Helping to forward profiling information to the component responsible for profiling

C.

Accepting and enforcing CoA messages

D.

Enforcing access control decisions

Question 14

What is one difference between EAP-Tunneled Layer security (EAP-TLS) and Protected EAP (PEAP)?

Options:

A.

EAP-TLS creates a TLS tunnel for transmitting user credentials, while PEAP authenticates the server and supplicant during a TLS handshake.

B.

EAP-TLS requires the supplicant to authenticate with a certificate, hut PEAP allows the supplicant to use a username and password.

C.

EAP-TLS begins with the establishment of a TLS tunnel, but PEAP does not use a TLS tunnel as part of Its process

D.

EAP-TLS creates a TLS tunnel for transmitting user credentials securely while PEAP protects user credentials with TKIP encryption.

Question 15

What is an Authorized client, as defined by AOS Wireless Intrusion Prevention System (WIP)?

Options:

A.

A client that is on the WIP whitelist

B.

A client that has a certificate issued by a trusted Certification Authority (CA)

C.

A client that is NOT on the WIP blacklist

D.

A client that has successfully authenticated to an authorized AP and passed encrypted traffic

Question 16

You are deploying a new wireless solution with an HPE Aruba Networking Mobility Master (MM), Mobility Controllers (MCs), and campus APs (CAPs). The solution will include a WLAN that uses Tunnel for the forwarding mode and WPA3-Enterprise for the security option.

You have decided to assign the WLAN to VLAN 301, a new VLAN. A pair of core routing switches will act as the default router for wireless user traffic.

Which links need to carry VLAN 301?

Options:

A.

Only links on the path between APs and the core routing switches

B.

Only links on the path between APs and the MC

C.

All links in the campus LAN to ensure seamless roaming

D.

Only links between MC ports and the core routing switches

Question 17

A user attempts to connect to an SSID configured on an AOS-8 mobility architecture with Mobility Controllers (MCs) and APs. The SSID enforces WPA3-Enterprise security and uses HPE Aruba Networking ClearPass Policy Manager (CPPM) as the authentication server. The WLAN has initial role, logon, and 802.1X default role, guest.

A user attempts to connect to the SSID, and CPPM sends an Access-Accept with an Aruba-User-Role VSA of "contractor," which exists on the MC.

What does the MC do?

Options:

A.

Applies the rules in the logon role, then guest role, and the contractor role

B.

Applies the rules in the contractor role

C.

Applies the rules in the contractor role and the logon role

D.

Applies the rules in the contractor role and guest role

Question 18

You have been asked to send RADIUS debug messages from an AOS-CX switch to a central SIEM server at 10.5.15.6. The server is already defined on the switch with this command:

logging 10.5.15.6

You enter this command:

debug radius all

What is the correct debug destination?

Options:

A.

file

B.

console

C.

buffer

D.

syslog

Question 19

Which is a correct description of a stage in the Lockheed Martin kill chain?

Options:

A.

In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes its function.

B.

In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.

C.

In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfiltrated.

D.

In the delivery stage, malware collects valuable data and delivers or exfiltrates it to the hacker.

Question 20

A company has HPE Aruba Networking Mobility Controllers (MCs), campus APs, and AOS-CX switches. The company plans to use HPE Aruba Networking ClearPass Policy Manager (CPPM) to classify endpoints by type. This company is using only CPPM and no other HPE Aruba Networking ClearPass solutions.

The HPE Aruba Networking ClearPass admins tell you that they want to use HTTP User-Agent strings to help profile the endpoints.

What should you do as a part of setting up Mobility Controllers (MCs) to support this requirement?

Options:

A.

Create datapath mirrors that use the CPPM's IP address as the destination.

B.

Create an IF-MAP profile, which specifies credentials for an API admin account on CPPM.

C.

Create control path mirrors to mirror HTTP traffic from clients to CPPM.

D.

Create a firewall whitelist rule that permits HTTP and CPPM's IP address.

Question 21

What distinguishes a Distributed Denial of Service (DDoS) attack from a traditional Denial or service attack (DoS)?

Options:

A.

A DDoS attack originates from external devices, while a DoS attack originates from internal devices

B.

A DDoS attack is launched from multiple devices, while a DoS attack is launched from a single device

C.

A DoS attack targets one server, a DDoS attack targets all the clients that use a server

D.

A DDoS attack targets multiple devices, while a DoS Is designed to Incapacitate only one device

Question 22

Which is a correct description of a stage in the Lockheed Martin kill chain?

Options:

A.

In the delivery stage, malware collects valuable data and delivers or exfilltrated it to the hacker.

B.

In the reconnaissance stage, the hacker assesses the impact of the attack and how much information was exfilltrated.

C.

In the weaponization stage, which occurs after malware has been delivered to a system, the malware executes Its function.

D.

In the exploitation and installation phases, malware creates a backdoor into the infected system for the hacker.

Question 23

You need to implement a WPA3-Enterprise network that can also support WPA2-Enterprise clients. What is a valid configuration for the WPA3-Enterprise WLAN?

Options:

A.

CNSA mode disabled with 256-bit keys

B.

CNSA mode disabled with 128-bit keys

C.

CNSA mode enabled with 256-bit keys

D.

CNSA mode enabled with 128-bit keys

Question 24

What is social engineering?

Options:

A.

Hackers use Artificial Intelligence (Al) to mimic a user’s online behavior so they can infiltrate a network and launch an attack.

B.

Hackers use employees to circumvent network security and gather the information they need to launch an attack.

C.

Hackers intercept traffic between two users, eavesdrop on their messages, and pretend to be one or both users.

D.

Hackers spoof the source IP address in their communications so they appear to be a legitimate user.

Question 25

How can hackers implement a man-in-the-middle (MITM) attack against a wireless client?

Options:

A.

The hacker uses a combination of software and hardware to jam the RF band and prevent the client from connecting to any wireless networks.

B.

The hacker runs an NMap scan on the wireless client to find its MAC and IP address. The hacker then connects to another network and spoofs those addresses.

C.

The hacker uses spear-phishing to probe for the IP addresses that the client is attempting to reach. The hacker device then spoofs those IP addresses.

D.

The hacker connects a device to the same wireless network as the client and responds to the client's ARP requests with the hacker device's MAC address.

Question 26

A company with 465 employees wants to deploy an open WLAN for guests. The company wants the experience to be as follows:

    Guests select the WLAN and connect without having to enter a password.

    Guests are redirected to a welcome web page and log in.The company also wants to provide encryption for the network for devices that are capable. Which security options should you implement for the WLAN?

Options:

A.

Opportunistic Wireless Encryption (OWE) and WPA3-Personal

B.

Captive portal and WPA3-Personal

C.

WPA3-Personal and MAC-Auth

D.

Captive portal and Opportunistic Wireless Encryption (OWE) in transition mode

Question 27

What is an Authorized client as defined by ArubaOS Wireless Intrusion Prevention System (WIP)?

Options:

A.

a client that has a certificate issued by a trusted Certification Authority (CA)

B.

a client that is not on the WIP blacklist

C.

a client that has successfully authenticated to an authorized AP and passed encrypted traffic

D.

a client that is on the WIP whitelist.

Question 28

You have a network with AOS-CX switches for which HPE Aruba Networking ClearPass Policy Manager (CPPM) acts as the TACACS+ server. When an admin authenticates, CPPM sends a response with:

    Aruba-Priv-Admin-User = 1

    TACACS+ privilege level = 15What happens to the user?

Options:

A.

The user receives auditors access.

B.

The user receives no access.

C.

The user receives administrators access.

D.

The user receives operators access.

Question 29

You have been instructed to look in the ArubaOS Security Dashboard's client list Your goal is to find clients mat belong to the company and have connected to devices that might belong to hackers

Which client fits this description?

Options:

A.

MAC address d8:50:e6:f3;6d;a4; Client Classification Authorized; AP Classification, interfering

B.

MAC address d8:50:e6 f3;6e;c5; Client Classification Interfering. AP Classification Neighbor

C.

MAC address d8:50:e6:f3;6e;60; Client Classification Interfering. AP Classification Interfering

D.

MAC address d8:50:e6:f3;TO;ab; Client Classification Interfering. AP Classification Rogue

Question 30

How can ARP be used to launch attacks?

Options:

A.

Hackers can use ARP to change their NIC's MAC address so they can impersonate legiti-mate users.

B.

Hackers can exploit the fact that the port used for ARP must remain open and thereby gain remote access to another user's device.

C.

A hacker can use ARP to claim ownership of a CA-signed certificate that actually belongs to another device.

D.

A hacker can send gratuitous ARP messages with the default gateway IP to cause devices to redirect traffic to the hacker's MAC address.

Question 31

Refer to the exhibits.

as

A company has added a new user group. Users in the group try to connect to the WLAN and receive errors that the connection has no Internet access. The users cannot reach any resources. The first exhibit shows the record for one of the users who cannot connect. The second exhibit shows the role to which the AOS device assigned the user’s client.

What is a likely problem?

Options:

A.

The AOS device does not have the correct RADIUS dictionaries installed on it to understand the Aruba-User-Role VSA.

B.

The AOS device has a server derivation rule configured on it that has overridden the role sent by CPPM.

C.

The clients rejected the server authentication on their side because they do not have the root CA for CPPM’s RADIUS/EAP certificate.

D.

The role name that CPPM is sending does not match the role name configured on the AOS device.

Question 32

Which attack is an example or social engineering?

Options:

A.

An email Is used to impersonate a Dank and trick users into entering their bank login information on a fake website page.

B.

A hacker eavesdrops on insecure communications, such as Remote Desktop Program (RDP). and discovers login credentials.

C.

A user visits a website and downloads a file that contains a worm, which sell-replicates throughout the network.

D.

An attack exploits an operating system vulnerability and locks out users until they pay the ransom.

Question 33

What role does the Aruba ClearPass Device Insight Analyzer play in the Device Insight architecture?

Options:

A.

It resides in the cloud and manages licensing and configuration for Collectors

B.

It resides on-prem and provides the span port to which traffic is mirrored for deep analytics.

C.

It resides on-prem and is responsible for running active SNMP and Nmap scans

D.

It resides In the cloud and applies machine learning and supervised crowdsourcing to metadata sent by Collectors

Question 34

You are checking the Security Dashboard in the Web Ul for your ArubaOS solution and see that Wireless Intrusion Prevention (WIP) has discovered a rogue radio operating in ad hoc mode with open security. What correctly describes a threat that the radio could pose?

Options:

A.

It could open a backdoor into the corporate LAN for unauthorized users.

B.

It is running in a non-standard 802.11 mode and could effectively jam the wireless signal.

C.

It is flooding the air with many wireless frames in a likely attempt at a DoS attack.

D.

It could be attempting to conceal itself from detection by changing its BSSID and SSID frequently.

Question 35

You are troubleshooting an authentication issue for Aruba switches that enforce 802 IX10 a cluster of Aruba ClearPass Policy Manager (CPPMs) You know that CPPM Is receiving and processing the authentication requests because the Aruba switches are showing Access-Rejects in their statistics However, you cannot find the record tor the Access-Rejects in CPPM Access Tracker

What is something you can do to look for the records?

Options:

A.

Make sure that CPPM cluster settings are configured to show Access-Rejects

B.

Verify that you are logged in to the CPPM Ul with read-write, not read-only, access

C.

Click Edit in Access viewer and make sure that the correct servers are selected.

D.

Go to the CPPM Event Viewer, because this is where RADIUS Access Rejects are stored.

Question 36

Refer to the exhibit, which shows the current network topology.

as

You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility Controllers (MCs). and campus APs (CAPs). The solution will Include a WLAN that uses Tunnel for the forwarding mode and Implements WPA3-Enterprise security

What is a guideline for setting up the vlan for wireless devices connected to the WLAN?

Options:

A.

Assign the WLAN to a single new VLAN which is dedicated to wireless users

B.

Use wireless user roles to assign the devices to different VLANs in the 100-150 range

C.

Assign the WLAN to a named VLAN which specified 100-150 as the range of IDs.

D.

Use wireless user roles to assign the devices to a range of new vlan IDs.

Question 37

What is one method for HPE Aruba Networking ClearPass Policy Manager (CPPM) to use DHCP to classify an endpoint?

Options:

A.

It can determine information such as the endpoint OS from the order of options listed in Option 55 of a DHCP Discover packet.

B.

It can respond to a client’s DHCP Discover with different DHCP Offers and then analyze the responses to identify the client OS.

C.

It can snoop DHCP traffic to register the clients’ IP addresses. It then knows where to direct its HTTP requests to actively probe for information about the client.

D.

It can alter the DHCP Offer to insert itself as a proxy gateway. It will then be inline in the traffic flow and can apply traffic analytics to classify clients.

Question 38

What is a Key feature of me ArubaOS firewall?

Options:

A.

The firewall is stateful which means that n can track client sessions and automatically allow return traffic for permitted sessions

B.

The firewall Includes application layer gateways (ALGs). which it uses to filter Web traffic based on the reputation of the destination web site.

C.

The firewall examines all traffic at Layer 2 through Layer 4 and uses source IP addresses as the primary way to determine how to control traffic.

D.

The firewall is designed to fitter traffic primarily based on wireless 802.11 headers, making it ideal for mobility environments

Question 39

What is one practice that can help you to maintain a digital chain of custody in your network?

Options:

A.

Enable packet capturing on Instant AP or Mobility Controller (MC) datapath on an ongoing basis.

B.

Ensure that all network infrastructure devices use RADIUS rather than TACACS+ to authenticate managers.

C.

Ensure that all network infrastructure devices receive a valid clock using authenticated NTP.

D.

Enable packet capturing on Instant AP or Mobility Controller (MC) controlpath on an ongoing basis.

Question 40

How does the ArubaOS firewall determine which rules to apply to a specific client's traffic?

Options:

A.

The firewall applies every rule that includes the dent's IP address as the source.

B.

The firewall applies the rules in policies associated with the client's wlan

C.

The firewall applies thee rules in policies associated with the client's user role.

D.

The firewall applies every rule that includes the client's IP address as the source or destination.

Question 41

A client has accessed an HTTPS server at myhost1.example.com using Chrome. The server sends a certificate that includes these properties:

    Subject name: myhost.example.com

    SAN: DNS: myhost.example.com; DNS: myhost1.example.com

    Extended Key Usage (EKU): Server authentication

    Issuer: MyCA_SigningThe server also sends an intermediate CA certificate for MyCA_Signing, which is signed by MyCA. The client’s Trusted CA Certificate list does not include the MyCA or MyCA_Signing certificates.Which factor or factors prevent the client from trusting the certificate?

Options:

A.

The client does not have the correct trusted CA certificates.

B.

The certificate lacks a valid SAN.

C.

The certificate lacks the correct EKU.

D.

The certificate lacks a valid SAN, and the client does not have the correct trusted CA certificates.

Question 42

as

A company has an Aruba Instant AP cluster. A Windows 10 client is attempting to connect a WLAN that enforces WPA3-Enterprise with authentication to ClearPass Policy Manager (CPPM). CPPM is configured to require EAP-TLS. The client authentication fails. In the record for this client’s authentication attempt on CPPM, you see this alert.

What is one thing that you check to resolve this issue?

Options:

A.

whether the client has a third-party 802.1 X supplicant, as Windows 10 does not support EAP-TLS

B.

whether the client has a valid certificate installed on it to let it support EAP-TLS

C.

whether EAP-TLS is enabled in the SSID Profile settings for the WLAN on the IAP cluster

D.

whether EAP-TLS is enabled in the AAA Profile settings for the WLAN on the IAP cluster

Question 43

You are deploying a new wireless solution with an Aruba Mobility Master (MM). Aruba Mobility Controllers (MCs), and campus APs (CAPs). The solution will include a WLAN that uses Tunnel for the forwarding mode and WPA3-Enterprise for the security option.

You have decided to assign the WLAN to VLAN 301, a new VLAN. A pair of core routing switches will act as the default router for wireless user traffic.

Which links need to carry VLAN 301?

Options:

A.

only links in the campus LAN to ensure seamless roaming

B.

only links between MC ports and the core routing switches

C.

only links on the path between APs and the core routing switches

D.

only links on the path between APs and the MC

Question 44

Why might devices use a Diffie-Hellman exchange?

Options:

A.

to agree on a shared secret in a secure manner over an insecure network

B.

to obtain a digital certificate signed by a trusted Certification Authority

C.

to prove knowledge of a passphrase without transmitting the passphrase

D.

to signal that they want to use asymmetric encryption for future communications

Question 45

What is a consideration for using MAC authentication (MAC-Auth) to secure a wired or wireless connection?

Options:

A.

As a Layer 2 authentication method, MAC-Auth cannot be used to authenticate devices to an external authentication server.

B.

It is very easy for hackers to spoof their MAC addresses and get around MAC authentication.

C.

MAC-Auth can add a degree of security to an open WLAN by enabling the generation of a PMK to encrypt traffic.

D.

Headless devices, such as Internet of Things (loT) devices, must be configured in advance to support MAC-Auth.

Question 46

What is one of the roles of the network access server (NAS) in the AAA framework?

Options:

A.

It negotiates with each user’s device to determine which EAP method is used for authentication.

B.

It determines which resources authenticated users are allowed to access and monitors each user’s session.

C.

It enforces access to network services and sends accounting information to the AAA server.

D.

It authenticates legitimate users and uses policies to determine which resources each user is allowed to access.

Question 47

What is a vulnerability of an unauthenticated Dime-Heliman exchange?

Options:

A.

A hacker can replace the public values exchanged by the legitimate peers and launch an MITM attack.

B.

A brute force attack can relatively quickly derive Diffie-Hellman private values if they are able to obtain public values

C.

Diffie-Hellman with elliptic curve values is no longer considered secure in modem networks, based on NIST recommendations.

D.

Participants must agree on a passphrase in advance, which can limit the usefulness of Diffie- Hell man in practical contexts.

Question 48

Your HPE Aruba Networking Mobility Master-based solution has detected a rogue AP. Among other information, the AOS Detected Radios page lists this information for the AP:

SSID = PublicWiFi

BSSID = a8:bd:27:12:34:56

Match method = Plus one

Match method = Eth-Wired-Mac-Table

The security team asks you to explain why this AP is classified as a rogue. What should you explain?

Options:

A.

The AP has been detected using multiple MAC addresses. This indicates that the AP is spoofing its MAC address, which qualifies it as a suspected rogue.

B.

The AP is probably connected to your LAN because it has a BSSID that is close to a MAC address that has been detected in your LAN. Because it does not belong to the company, it is a suspected rogue.

C.

The AP is an AP that belongs to your solution. However, the AOS has detected that it is behaving suspiciously. It might have been compromised, so it is classified as a suspected rogue.

D.

The AP has a BSSID that is close to your authorized APs’ BSSIDs. This indicates that the AP might be spoofing the corporate SSID and attempting to lure clients to it, making the AP a suspected rogue.

Question 49

Which endpoint classification capabilities do Aruba network infrastructure devices have on their own without ClearPass solutions?

Options:

A.

ArubaOS-CX switches can use a combination of active and passive methods to assign roles to clients.

B.

ArubaOS devices (controllers and lAPs) can use DHCP fingerprints to assign roles to clients.

C.

ArubaOS devices can use a combination of DHCP fingerprints, HTTP User-Agent strings, and Nmap to construct endpoint profiles.

D.

ArubaOS-Switches can use DHCP fingerprints to construct detailed endpoint profiles.

Question 50

You have an AOS-8 architecture, consisting of a Mobility Conductor (MC) and Mobility Controllers (MCs). You want to monitor wireless clients’ application usage in the Traffic Analysis dashboard. What is a requirement?

Options:

A.

Configuring packet capturing on the MCs’ data plane

B.

Enabling logging on the users category on the MCs

C.

Discovering the mobility devices in HPE Aruba Networking Central

D.

Enabling firewall visibility and deep packet inspection (DPI) on the MCs

Page: 1 / 17
Total 167 questions